PDC acceptance criteria

David Collier-Brown David.Collier-Brown at canada.sun.com
Thu Oct 5 12:44:08 GMT 2000


Steve Langasek wrote:
> To do this with at least as much security as is used in the NT implementation,
> at a minimum you would want rsync/rdist with ssh. 

	For data which isn't "plaintext equivalent", NFS
	is adequate and very widespread (;-))

	For plaintext, any replication system without
	encryption with non-online keys is an invitation
	to abuse. We're just fighting the equivalent problem
	at work, which reduces to the "key distribution 
	problem".  This is annoying, as we'd really like
	something less amateur than the ^$%#%$!!! NT scheme.

	As, the hashes are plaintext equivalent: I'd
	prefer to avoid them in favor of Kerberos.

--dave

-- 
David Collier-Brown,  | Always do right. This will gratify some people
185 Ellerslie Ave.,   | and astonish the rest.        -- Mark Twain
Willowdale, Ontario   | //www.oreilly.com/catalog/samba/author.html
Work: (905) 415-2849 Home: (416) 223-8968 Email: davecb at canada.sun.com




More information about the samba-technical mailing list